Fraudulent Website Phishing Attempts
Virus Collecting Financial Information:
CIBC FirstCaribbean customers need to be aware of the Zeus virus which collects financial information. The virus, a Rootkit is called ZBOT or ZeusBot, it detects your online banking session and displays a second page that looks like your online banking login screen and shows the following warning message:
“We do not recognise the computer you are using.
To continue with Online Banking, please provide the information requested below.”
If the user provides the information it is saved on the local hard drive in a hidden file and is assumed to be sent at a later time to a malicious website.
At this time many Anti-virus engines are still not detecting the variants of this malware and removing the code from one’s machine or preventing its outbound notification, is difficult. If you believe your office computer may have been infected and you have entered in your personal information, please contact the CIBC FirstCaribbean Customer Service Centres so that your information can be changed.
If your personal computer has been infected, visit one of the following and then follow the steps to remove the virus.
Go to Microsoft’s website and search for the Malicious Software Removal Tool (MSRT). This tool detects and removes the Zeus virus.
Trend Micro - http://housecall.trendmicro.com/
A number of email users have been targeted by fraudulent email.
The email includes a very authentic copy of our Internet Banking Log On Screen - and requests that recipients input their personal log on details.
We are aware of this fraudulent activity and are taking the necessary action.
We would like to remind our customers that:
- You should only log on to CIBC FirstCaribbean Internet Banking at the authentic address at: http://cibcfcib.com
- You should never disclose your banking details, including passwords to anyone
- CIBC FirstCaribbean will never ask customers for personal information or account details within an email
- Never click on the link within the email
- Always go to the site and type in the address